pam_pkcs11
0.6.8
|
Several routines to: More...
#include "cert_st.h"
Go to the source code of this file.
Data Structures | |
struct | cert_policy_st |
Defines | |
#define | CERTVFY_EXTERN extern |
Enumerations | |
enum | crl_policy_t { CRLP_NONE, CRLP_ONLINE, CRLP_OFFLINE, CRLP_AUTO } |
enum | ocsp_policy_t { OCSP_NONE, OCSP_ON } |
Functions | |
CERTVFY_EXTERN int | verify_certificate (X509 *x509, cert_policy *policy) |
Verify provided certificate, and if needed, CRL. | |
CERTVFY_EXTERN int | verify_signature (X509 *x509, unsigned char *data, int data_length, unsigned char *signature, int signature_length) |
Verify signature of provided data. |
Several routines to:
Definition in file cert_vfy.h.
#define CERTVFY_EXTERN extern |
Definition at line 59 of file cert_vfy.h.
enum crl_policy_t |
CRLP_NONE |
Do not perform any CRL verification. |
CRLP_ONLINE |
Retrieve CRL from CA site. |
CRLP_OFFLINE |
Retrieve CRL from local filesystem. |
CRLP_AUTO |
Try CRL check online, else ofline, else fail. |
Definition at line 32 of file cert_vfy.h.
enum ocsp_policy_t |
Definition at line 43 of file cert_vfy.h.
CERTVFY_EXTERN int verify_certificate | ( | X509 * | x509, |
cert_policy * | policy | ||
) |
Verify provided certificate, and if needed, CRL.
x509 | Certificate to check |
policy | CRL verify policy |
CERTVFY_EXTERN int verify_signature | ( | X509 * | x509, |
unsigned char * | data, | ||
int | data_length, | ||
unsigned char * | signature, | ||
int | signature_length | ||
) |
Verify signature of provided data.
x509 | Certificate to be used |
data | Byte array of data to check |
data_length | Lenght of provided byte array |
signature | Byte array of signature to check |
signature_length | Length of signature byte array |